The SIO2 project
  1. The SIO2 project
  2. SIO-1182

when only_default_contest is set, not allowed users see "403 Forbidden"

        Details

        • Type: Bug Bug
        • Status: Closed Closed
        • Priority: Major Major
        • Resolution: Fixed
        • Affects Version/s: Far Future
        • Fix Version/s: 0.1.6
        • Component/s: OIOIOI
        • Labels:
          None

          Activity

          Ascending order - Click to sort in descending order
          Hide
          Permalink
          Maciej Dębski added a comment -
          After logging as not allowed user, one gets redirected to dashboard.
          Dashboard view uses @enforce_condition(can_enter_contest), which throws 403.

          Same behaviour may be observed while trying to change contest to one we're not participant of.
          With only_default_contest situation is worse, as user have no easy way to logout.

          Proposed fix:
          write @gently_enforce_condition decorator, which on False will show nice page saying user has no access there.
          Page template shall probably inherit just after base.html
          Show
          Maciej Dębski added a comment - After logging as not allowed user, one gets redirected to dashboard. Dashboard view uses @enforce_condition(can_enter_contest), which throws 403. Same behaviour may be observed while trying to change contest to one we're not participant of. With only_default_contest situation is worse, as user have no easy way to logout. Proposed fix: write @gently_enforce_condition decorator, which on False will show nice page saying user has no access there. Page template shall probably inherit just after base.html
          Hide
          Permalink
          Maciej Dębski added a comment -
          Alternative fix:
          In RegistrationController, and possibly other places make can_enter_contest return AccessDenied decision with rendered response instead of bool.
          Show
          Maciej Dębski added a comment - Alternative fix: In RegistrationController, and possibly other places make can_enter_contest return AccessDenied decision with rendered response instead of bool.
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 1
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

          Added gently_enforce_condition decorator, which returns nicer 403.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 1 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 2
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

          Added gently_enforce_condition decorator, which
          returns nicer 403.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 2 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 3
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

          Added gently_enforce_condition decorator, which
          returns nicer 403.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 3 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 4
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

          Added nice 403 page.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 4 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 5
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

          Added nice 403 page.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 5 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Hide
          Permalink
          Gerrit Gerrit added a comment -
          Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 6
          https://gerrit.sio2project.mimuw.edu.pl/1569

          SIO-1182 Added nice 403 page.

          Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
          Show
          Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 6 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8

            People

            • Assignee:
              Szymon Acedański
              Reporter:
              Michał Adamczyk
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: